Commit graph

6045 commits

Author SHA1 Message Date
Abhijit Menon-Sen
8cf1815867 Add an 'extract' filter
At its most basic, this is nothing more than an array or hash lookup,
but when used in conjunction with map, it is very useful. For example,
while constructing an "ssh-keyscan …" command to update known_hosts on
all hosts in a group, one can get a list of IP addresses with:

    groups['x']|map('extract', hostvars, 'ec2_ip_address')|list

This returns hostvars[a].ec2_ip_address, hostvars[b].ec2_ip_address, and
so on. You can even specify an array of keys for a recursive lookup, and
mix string and integer keys depending on what you're looking up:

    ['localhost']|map('extract', hostvars, ['vars','group_names',0])|first
        == hostvars['localhost']['vars']['group_names'][0]
            == 'ungrouped'

Includes documentation and tests.
2015-12-02 18:16:38 +05:30
Abhijit Menon-Sen
22381be253 Bump version in devel now that stable-2.0 has been branched 2015-12-02 17:57:53 +05:30
Christoph Dittmann
267199fdd5 Update debug messages and comments
The comment was taken literally from lib/plugins/strategy/linear.py and
makes no sense in free.py where we have no noop tasks.

Also update the debug messages.
2015-12-02 11:17:24 +01:00
Christoph Dittmann
c6e400fbea Fix issue #13370
all_blocks is referenced after the loop over included_files, so it needs
to be initialized before this loop, not inside.
2015-12-02 11:17:24 +01:00
Christoph Dittmann
9a6ae1d62a Let PlayIterator.add_tasks accept empty task lists
PlayIterator.add_tasks raised an error when trying to add an empty task
list.  This was the root cause of ansible issue #13370.
2015-12-02 11:17:24 +01:00
Brian Coca
b92cb93539 unconditionally set vars on init to avoid issues with var precedence 2015-12-01 21:24:46 -08:00
Peter Sprygada
2491afc8b6 fixes a syntax issue with module_utils/eapi.py
This patch fixes an issue with the common args dict in the eapi shared
module.  This patch is required for the eapi shared module to be properly
imported and is therefore should be applied to all instances.
2015-12-01 23:34:59 -05:00
Brian Coca
8c630406c9 Merge pull request #13357 from privateip/feature_ssh_shared_module
initial add of ssh shared module.
2015-12-01 19:15:03 -08:00
Brian Coca
923b5467e3 Merge pull request #13354 from privateip/feature_eapi
adds device common argument to shared module
2015-12-01 19:14:07 -08:00
Brian Coca
574d7be8d5 Merge pull request #13358 from privateip/feature_ios_shared_module
Feature ios shared module
2015-12-01 19:04:24 -08:00
Peter Sprygada
93cd7a2a5f adds module create function for eapi.py shared module
This commit changes the way modules create an instance of AnsibleModule to
now use a common function, eapi_module.  This function will now automatically
append the common argument spec to the module argument_spec.  Module
arguments can override common module arguments
2015-12-01 20:00:41 -05:00
Peter Sprygada
8638e0ccf8 initial add of the ios shared module
This adds shared module support for building modules that connect to Cisco
IOS devices.  It builds on the module_utils/ssh.py shared module.
2015-12-01 19:55:41 -05:00
Brian Coca
3e01516783 fixed signature for init on callbacks
also removed passing display to base class which already handles this
2015-12-01 14:06:54 -08:00
nitzmahone
c94509f273 allow shell plugin to affect remote module filename
Fix for 13368, added get_remote_filename to shell plugins, powershell version appends .ps1 if necessary, base shell plugin no-ops
2015-12-01 13:39:02 -08:00
Abhijit Menon-Sen
f488de8599 Make sudo+requiretty and ANSIBLE_PIPELINING work together
Pipelining is a *significant* performance benefit, because each task can
be completed with a single SSH connection (vs. one ssh connection at the
start to mkdir, plus one sftp and one ssh per task).

Pipelining is disabled by default in Ansible because it conflicts with
the use of sudo if 'Defaults requiretty' is set in /etc/sudoers (as it
is on Red Hat) and su (which always requires a tty).

We can (and already do) make sudo/su happy by using "ssh -t" to allocate
a tty, but then the python interpreter goes into interactive mode and is
unhappy with module source being written to its stdin, per the following
comment from connections/ssh.py:

        # we can only use tty when we are not pipelining the modules.
        # piping data into /usr/bin/python inside a tty automatically
        # invokes the python interactive-mode but the modules are not
        # compatible with the interactive-mode ("unexpected indent"
        # mainly because of empty lines)

Instead of the (current) drastic solution of turning off pipelining when
we use a tty, we can instead use a tty but suppress the behaviour of the
Python interpreter to switch to interactive mode. The easiest way to do
this is to make its stdin *not* be a tty, e.g. with cat|python.

This works, but there's a problem: ssh will ignore -t if its input isn't
really a tty. So we could open a pseudo-tty and use that as ssh's stdin,
but if we then write Python source into it, it's all echoed back to us
(because we're a tty). So we have to use -tt to force tty allocation; in
that case, however, ssh puts the tty into "raw" mode (~ICANON), so there
is no good way for the process on the other end to detect EOF on stdin.
So if we do:

    echo -e "print('hello world')\n"|ssh -tt someho.st "cat|python"

…it hangs forever, because cat keeps on reading input even after we've
closed our pipe into ssh's stdin. We can get around this by writing a
special __EOF__ marker after writing in_data, and doing this:

    echo -e "print('hello world')\n__EOF__\n"|ssh -tt someho.st "sed -ne '/__EOF__/q' -e p|python"

This works fine, but in fact I use a clever python one-liner by mgedmin
to achieve the same effect without depending on sed (at the expense of a
much longer command line, alas; Python really isn't one-liner-friendly).

We also enable pipelining by default as a consequence.
2015-12-01 23:32:20 +05:30
Toshio Kuratomi
50553bc2ba _connect no longer takes a port argument 2015-12-01 09:12:25 -08:00
Brian Coca
f1fcab4610 ignore password flags in become conflict check
since all the --ask pass options end up triggering the same code
and are functionally equivalent, ignore them when it comes to checking
privilege escalation conflicts. This allows using -K when --become-method=su
and so on.
2015-12-01 08:18:31 -08:00
Brian Coca
a6f6a80caa avoid inheritance issues with default=dict declaration at class level
this should avoid the issue of subsequent plays not prompting for a var
prompted for in a previous play.
2015-12-01 08:18:31 -08:00
Toshio Kuratomi
30094912eb boto is expecting that we pass it unicode strings.
The secret_key parameter especially can contain non-ascii characters and
will throw an error if such a string is passed as a byte str.

Potential fix for #13303
2015-12-01 07:03:57 -08:00
Arata Notsu
6d6d4f0c8e BOOLEAN should contain boolean literals
It is natural that an argument_spec with choises=BOOLEAN accepts
boolean literal (True, False) though the current implementation
allows only string or int.
2015-12-01 23:51:39 +09:00
Toshio Kuratomi
ba4e571029 Update submodule refs to go along with the StandardError change in ec2 moudles 2015-11-30 19:05:33 -08:00
Toshio Kuratomi
19d5759771 raise AnsibleAWSError instead of StandardError.
* StandardError doesn't exist in python3
* because it is the root of builtin expections, we can't catch it
  separate from the builtin exceptions
* It doesn't tell us anything about the error being thrown as it's too
  generic
2015-11-30 19:05:33 -08:00
James Cammarata
dc0fae1af7 Also make sure remote_user is defaulted correctly for delegated hosts
Fixes #13323
2015-11-30 16:15:14 -05:00
Toshio Kuratomi
e2ddc2f6ab Call the function :-)
Fixes #13330
2015-11-30 12:34:20 -08:00
James Cammarata
cc36eedf76 Ensure port is (re)set for delegated-to hosts
Fixes #13265
2015-11-30 14:40:23 -05:00
Brian Coca
b5f2c3def2 fixed typo 2015-11-30 09:20:59 -08:00
Brian Coca
eefb4931dd allow for bad stdout return from make temp dir command
fixes #13359
2015-11-30 09:19:16 -08:00
Brian Coca
005b17afec corrected become_methods class variable in winrm
This should now correctly react when using become with winrm
fixes #13331
2015-11-30 08:35:08 -08:00
James Cammarata
80db6bacc4 Make sure run_once tasks properly set variables for all active hosts
Fixes #13267
2015-11-30 11:27:05 -05:00
James Cammarata
fbc9553bd4 Use text_type instead of unicode 2015-11-30 10:33:36 -05:00
James Cammarata
c6a30f7000 Make sure the uuid in vars is string 2015-11-30 10:26:12 -05:00
James Cammarata
f926e81782 Re-implement lookup wantlist
Fixes #13285
2015-11-29 23:45:54 -05:00
James Cammarata
dfa576b037 Merge pull request #13307 from Yannig/devel_fix_big_include_vars
Fix for https://github.com/ansible/ansible/issues/13221
2015-11-29 23:14:03 -05:00
Peter Sprygada
c087160652 initial add of ssh shared module.
This ssh shared module is used for building modules that require an
interactive shell environment such as those required for connecting
to network devices
2015-11-29 21:48:52 -05:00
James Cammarata
6671d78f95 Tweak location of stats callback execution and properly relocate stats output code 2015-11-28 14:03:21 -05:00
James Cammarata
ea23159be4 Merge pull request #13348 from emonty/bug/iterate-on-none
Put in trap for args being None
2015-11-28 13:44:09 -05:00
Monty Taylor
d20e67d708 Put in trap for args being None
_normalize_old_style_args can return None. If it does, the loop
"for args in args" blows up.
2015-11-28 13:38:11 -05:00
James Cammarata
800811a15f Trigger on_stats just once, not once for each play
Fixes #13271
2015-11-28 13:37:43 -05:00
James Cammarata
a7f7f8bd29 Merge pull request #13297 from amenonsen/ssh-escalation
Explicitly accept become_success in awaiting_prompt state
2015-11-28 10:03:00 -05:00
James Cammarata
5b6162a166 Re-adding role_name/role_uuid variables 2015-11-28 09:08:24 -05:00
James Cammarata
8d9835c40b Merge pull request #13342 from Yannig/devel_fix_bomb_shell
Devel fix bomb shell
2015-11-28 09:02:12 -05:00
Yannig Perré
5227c6bb52 Do not copy variable_manager each time. Instead, keep host and local variable_manager sync.
Fix https://github.com/ansible/ansible/issues/13221
2015-11-28 14:58:33 +01:00
Yannig Perré
2fc7c8b460 More restrictive test against variable name to allow setting variable starting with _. 2015-11-28 10:35:06 +01:00
Brian Coca
fa358d9d61 avoids prompting for vars during syntax check
fixes #13319
2015-11-27 11:41:00 -08:00
Yannig Perré
2c54fb1339 Switch parameters validation after parsing in order to be more consistent between old and new style. 2015-11-26 13:33:58 +01:00
Abhijit Menon-Sen
f20e2630b0 Explicitly accept become_success in awaiting_prompt state
If we request escalation with a password, we start in expecting_prompt
state. If the escalation then succeeds without the password, i.e., the
become_success response arrives, we must explicitly move into the next
state (awaiting_escalation, which immediately goes into ready_to_send),
so that we no longer try to apply the timeout.

Otherwise, we would leak the success notification and eventually
timeout. But if the module response did arrive before the timeout
expired, the "process has already exited" test would do the right
thing by accident (which is why it didn't fail more often).

Fixes #13289
2015-11-26 06:06:01 +05:30
Toshio Kuratomi
1b743436b9 Do not double transform to unicode 2015-11-25 07:48:52 -08:00
Chrrrles Paul
157230c3e8 Merge pull request #13257 from chrrrles/utf8
fixing error with using non-ascii values for ask-sudo-password
2015-11-25 11:52:17 +09:00
Charles Paul
1e5a205389 fixing errors with utf-8 values
removing utf-8 stanza

changing cast to binary_type instead

using to_unicode
2015-11-25 11:47:25 +09:00
Brian Coca
71fe49ee3a Merge pull request #13247 from bcoca/fetch_fixes
fixes to fetch action module
2015-11-24 10:55:23 -08:00